1. Field of the Invention
The present invention relates to a process and a system for data transmission.
2. Description of the Art
In the state of the art, a transmission of data between terminals and/or servers takes place in accordance with various processes. Such processes are often particularly adapted in order to transmit messages such as, for example, E-mail messages or current headlines, or in order to transmit multimedia data such as an audio or video file. In order to transmit data from a server to a terminal of a user, for example, it may be necessary first to check the entitlement of the user to access certain data. Such a check on entitlement may be made, for example, by a request for a user name and a password. Since a transmission of data often takes place over public networks, it is advantageous to carry out this transmission of data by means of a secured data connection, such as by means of a VPN connection (VPN: virtual private network). The transmission of data between a server and a terminal can thus be subdivided into a phase for the check on entitlement, or authentication phase, and a phase for the transfer of data. Because of the user interaction, the authentication phase often takes a relatively long time, though only little network bandwidth is required. The data transfer phase may on the other hand last only for a short while, depending on the volume of data, and use all of the available network bandwidth.
E-mail messages to a user are, for example, stored on an E-mail server. The user retrieves the E-mail messages stored on the E-mail server by means of an E-mail client. In the state of the art, protocols such as POP (POP: Post Office protocol) or IMAP (IMAP: Internet E-mail access protocol) are used for this purpose. By means of the E-mail client and such protocols, a connection is made between the E-mail client and the E-mail server, whereupon the E-mail client checks the E-mail server for available E-mail messages and, if necessary, downloads new E-mail messages to the E-mail client. The E-mail client is, of course, checked by authentication for its entitlement to access the E-mail messages. The authentication often takes much longer than the subsequent checking and downloading of the E-mail messages. The checking of E-mail messages can also be based on a VPN tunnel. In this case, however, a VPN tunnel is set up even if no new messages are available on the E-mail server. This leads to inefficiency, since a VPN tunnel is set up even if no data is ready for transmission.
In the state of the art, such a two-phase transmission of data suffers from many disadvantages, particularly for users of mobile terminals. It is admittedly the case that powerful WLAN or UWB networks (WLAN: wireless local area network; UWB: ultra wide band) are available to the user at railway stations, for example. But a user at a railway station often has no time to be authenticated for access to data and to download data to the mobile terminal. After the user has taken a seat on the train, however, the user often has enough time to be authenticated for access to data. At this time, however, the train has often already left the site of the station and frequently at this time the user only has much less powerful networks available, such as a GSM or UMTS network (GSM: global system for mobile communications; UMTS: universal mobile telecommunications system). Thus, the user cannot access large quantities of data at this time, such as an E-mail message with a video file as an attachment, since the transmission capacity of such a less powerful network would be inadequate. Thus, in summary, the authentication followed by data transmission used in the state of the art is, for one thing, inconvenient for the user, since the latter must undertake a user interaction. For another, this kind of user interaction prevents optimization of the capacity utilization of a network infrastructure.
A digital rights management architecture is disclosed in the document EP 1 372 055. A packager prepares data for a user and a licensor provides a license to the user. The packager and the licensor share a secret key and can calculate a content key for the prepared data. The prepared and encrypted data, as well as the content key, are transmitted to the user.